Add Token Authentication Support
notthatbreezy opened this issue · comments
We need a minimal, opt-in authentication option for the API. Authentication does not need to care about users, just that the client making the request should have access to the API. To this end the following should be added to the API:
- Via the environment allow enabling/disabling authentication
- Create a tokens table with a single UUID column that we can manually populate and generate tokens for API clients with
- When authentication is on, check that a token is in the table
Acceptance Criteria:
- Environment Variable turn Auth on/off
- Endpoints wrapped in optional auth that uses the
Authorization
header with a value ofBearer <Token>
- A migration for a token table
- Instructions in the README for manually generating tokens